Bug 158359 - enforcing targeted policy stops hpoj from starting
enforcing targeted policy stops hpoj from starting
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
4
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-05-20 16:48 EDT by Alexandre Oliva
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: 1.25.4-10.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-09-15 11:57:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
audit.log entries generated after setenforce 0, for service hpoj restart; service cups restart (1.85 KB, text/plain)
2005-05-20 16:50 EDT, Alexandre Oliva
no flags Details

  None (edit)
Description Alexandre Oliva 2005-05-20 16:48:54 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.8) Gecko/20050512 Fedora/1.0.4-2 Firefox/1.0.4

Description of problem:
A ptal (hpoj)-controlled printer doesn't work if targeted policy is in enforcing mode.  Upon service hpoj restart, /var/log/messages will contain messages such as:

ptal-mlcd: FATAL ERROR at ParPort.cpp:48, dev=<mlc:par:OfficeJet_Series_700>, pid=4471, e=1, t=1116621163         Access denied to parallel
port!

xojpanel doesn't work.  Oddly, if I start ptal-init to reconfigure the device, then mlcd starts successfully, and xojpanel works.

setenforce 0 followed by service hpoj restart; service cups restart enables the printer to work, logging to audit.log entries that audit2allow translates to:

allow cupsd_config_t devpts_t:chr_file { getattr ioctl };
allow ptal_t printer_device_t:chr_file getattr;
allow ptal_t self:capability sys_rawio;


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.23.16-1

How reproducible:
Always

Steps to Reproduce:
1.Boot up with hpoj enabled, configured to control a ptal printer

Actual Results:  The printer won't work.  Restarting hpoj logs messages indicating mlcd couldn't access the printer device.

Expected Results:  It should have been brought up successfully.

Additional info:
Comment 1 Alexandre Oliva 2005-05-20 16:50:02 EDT
Created attachment 114654 [details]
audit.log entries generated after setenforce 0, for service hpoj restart; service cups restart
Comment 2 Daniel Walsh 2005-05-23 16:47:12 EDT
Fixed in selinux-policy-targeted-1.23.16-7
Comment 3 Alexandre Oliva 2005-05-31 16:02:32 EDT
It's not in rawhide yet (we still have -6).  Any chance it could make to FC4?
Comment 4 Daniel Walsh 2005-05-31 16:35:31 EDT
I will start backporting as soon as fc4 is Released.  Everything is frozen.

Dan
Comment 5 Alexandre Oliva 2005-06-01 07:47:00 EDT
Not quite.  Major bugs and regressions can still be fixed, and broken printer
does qualify as a big one for me.  Anyhow, your call...  I'm away until Saturday
evening.

Note You need to log in before you can comment on or make changes to this bug.